helionney
(usa Mandriva)
Enviado em 27/01/2014 - 17:46h
Amigos do VOL instalei o debian wheezy como servidor de segurança e compartilhamento de internet aquina empresa, e, agora to querendo integra-lo no meu domínio windows 2008 server e não estou conseguindo fazer com que o kerberos funcione, estou seguindo alguns tutoriais que achei nestes links :
http://blogdonerd.com.br/2013/07/configurando-squid-squidguard-no-ubuntu-12-04-lts-com-autenticacao-... ,
http://softwarelivre-ac.org/areas/debian/5-servidores/204-configurando-o-squidguard-para-autenticar-..., mas não esta dando certo vou colocar aqui o conteúdo do meu krb5.conf :
[libdefaults]
default_realm = RSIMOVEISAP.LOCAL
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes
# The following krb5.conf variables are only for MIT Kerberos.
# krb4_config = /etc/krb.conf
# krb4_realms = /etc/krb.realms
# kdc_timesync = 1
# ccache_type = 4
# forwardable = true
# proxiable = true
# The following encryption type specification will be used by MIT Kerberos
# if uncommented. In general, the defaults in the MIT Kerberos code are
# correct and overriding these specifications only serves to disable new
# encryption types as they are added, creating interoperability problems.
#
# Thie only time when you might need to uncomment these lines and change
# the enctypes is if you have local software that will break on ticket
# caches containing ticket encryption types it doesn't know about (such as
# old versions of Sun Java).
# default_tgs_enctypes = des3-hmac-sha1
# default_tkt_enctypes = des3-hmac-sha1
# permitted_enctypes = des3-hmac-sha1
# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
RSIMOVEISAP.LOCAL = {
kdc = SRVRSIMOVEIS.rsimoveisap.local
admin_server = SRVRSIMOVEIS.rsimoveisap.local
default_domain = RSIMOVEISAP.LOCAL
}
[domain_realm]
.rsimoveisap.local = RSIMOVEISAP.LOCAL
rsimoveisap.local = RSIMOVEISAP.LOCAL
[kdc]
profile = /etc/krb5kdc/kdc.conf
[login]
krb4_convert = true
krb4_get_tickets = false
[logging]
kdc = FILE:/var/log/krb5/kdc.log
admin_server = FILE:/var/log/krb5/kadmin.log
default = FILE:/var/log/krb5/kadmin.log
quando executo o comando: kinit usuario@meu_dominio aparece o seguinte erro.
Client not found in Kerberos database while getting initial credentials.
Já estou quase desistindo, será que funciona ?
Agradeço se alguem puder me ajudar.